Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-zs86-1a18-xkem
Summary
Aliases
0
alias CVE-2026-44680
1
alias GHSA-cfw5-68c4-ffqp
Fixed_packages
0
url pkg:npm/%40mikro-orm/knex@6.6.14
purl pkg:npm/%40mikro-orm/knex@6.6.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mikro-orm/knex@6.6.14
1
url pkg:npm/%40mikro-orm/sql@7.0.14
purl pkg:npm/%40mikro-orm/sql@7.0.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mikro-orm/sql@7.0.14
Affected_packages
0
url pkg:npm/%40mikro-orm/knex@6.6.13
purl pkg:npm/%40mikro-orm/knex@6.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zs86-1a18-xkem
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mikro-orm/knex@6.6.13
1
url pkg:npm/%40mikro-orm/sql@7.0.13
purl pkg:npm/%40mikro-orm/sql@7.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zs86-1a18-xkem
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540mikro-orm/sql@7.0.13
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-44680
reference_id
reference_type
scores
0
value 0.007
scoring_system epss
scoring_elements 0.72321
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-44680
1
reference_url https://github.com/mikro-orm/mikro-orm
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mikro-orm/mikro-orm
2
reference_url https://github.com/mikro-orm/mikro-orm/pull/7654
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-26T17:40:31Z/
url https://github.com/mikro-orm/mikro-orm/pull/7654
3
reference_url https://github.com/mikro-orm/mikro-orm/pull/7657
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-26T17:40:31Z/
url https://github.com/mikro-orm/mikro-orm/pull/7657
4
reference_url https://github.com/mikro-orm/mikro-orm/security/advisories/GHSA-cfw5-68c4-ffqp
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-26T17:40:31Z/
url https://github.com/mikro-orm/mikro-orm/security/advisories/GHSA-cfw5-68c4-ffqp
5
reference_url https://github.com/mikro-orm/mikro-orm/pull/7653
reference_id 7653
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-26T17:40:31Z/
url https://github.com/mikro-orm/mikro-orm/pull/7653
6
reference_url https://github.com/mikro-orm/mikro-orm/pull/7656
reference_id 7656
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-26T17:40:31Z/
url https://github.com/mikro-orm/mikro-orm/pull/7656
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52600.py
reference_id CVE-2026-44680
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52600.py
8
reference_url https://github.com/advisories/GHSA-cfw5-68c4-ffqp
reference_id GHSA-cfw5-68c4-ffqp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cfw5-68c4-ffqp
Weaknesses
0
cwe_id 89
name Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
Exploits
0
date_added 2026-05-29
description MikroORM 7.0.13 - SQL Injection
required_action null
due_date null
notes null
known_ransomware_campaign_use false
source_date_published 2026-05-29
exploit_type webapps
platform multiple
source_date_updated 2026-05-29
data_source Exploit-DB
source_url
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-zs86-1a18-xkem